More than half a million Apple computers have been infected with the Flashback Trojan, according to a Russian anti-virus firm.
An investigation by Dr Web suggests that about 600,000 Macs have installed the malware - potentially allowing them to be hijacked and used as a "botnet".
Apple has released a security update, but users who have not installed the patch remain exposed.
Flashback was first detected last September when anti-virus researchers flagged up software masquerading itself as a Flash Player update. Once downloaded it deactivated some of the computer's security software.
Later versions of the malware exploited weaknesses in the Java programming language to allow the code to be installed from bogus sites without the user's permission.
Remote control
Dr Web said that once the Trojan was installed it sent a message to the intruder's control server with a unique ID to identify the infected machine.
"By introducing the code criminals are potentially able to control the machine," the firm's chief executive Boris Sharov told the BBC.
"We stress the word potential as we have never seen any malicious activity since we hijacked the botnet to take it out of criminals' hands. However, we know people create viruses to get money.
"The largest amounts of bots - based on the IP addresses we identified - are in the US, Canada, UK and Australia, so it appears to have targeted English-speaking people."
We can help
If you own or use a MAC and are unsure how safe your computer is or have any concerns, click here to get you local PC PAL engineer to contact you to arrange an appointment asap. All of our engineers are fully qualified and experienced in dealing with Malwares, trojans and viruses as well as Apple Macs.
Alternatively, why dont you book in your local engineer to give you a one-to-one session for advice, tips and guidance on keeping your computer or laptop safe from viruses, malware and Trojans.
